--On Monday, March 03, 2003 04:57:24 PM -0800 Ray Olszewski <[EMAIL PROTECTED]> wrote:
At 04:41 PM 3/3/2003 -0800, Tom Eastep wrote:
iptables can generate an RST response as well which is what Shorewall has it generate in response to a REJECTed TCP connection request.
Thanks, Tom. I'd missed that in the iptables docs.
I don't know if you know the history of the longstanding problems LRP/LEAF had with auth/ident requests, but this new capability should address that problem as well. It's good to know.
I have the following in my /etc/shorewall/common file: . /etc/shorewall/common.def run_iptables -A common -p tcp -m multiport --dports auth,139,445 -j REJECT
Something similar might not be a bad idea for Bering if ident/auth hangs have been a problem.
-Tom -- Tom Eastep \ Shorewall - iptables made easy Shoreline, \ http://www.shorewall.net Washington USA \ [EMAIL PROTECTED]
-------------------------------------------------------
This SF.net email is sponsored by: Etnus, makers of TotalView, The debugger for complex code. Debugging C/C++ programs can leave you feeling lost and disoriented. TotalView can help you find your way. Available on major UNIX and Linux platforms. Try it free. www.etnus.com
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
